<?php
class core_user extends object {

public $id="";
public $login="";
public $name="";
public $email="";
public $role="";
public $passwd="";
public $passwd2="";
public $created="";
public $disabled="";


function setid($id){
	$this->id=$id;
	$result=mysql_query("select * from users where ID=".mysql_real_escape_string($this->id)."");
	$row = mysql_fetch_array($result);
	if ($this->login == "") {
	$this->login=$row['login']; 
		}
	if ($this->name == "") {
	$this->name=$row['name'];
		}
	if ($this->email == "") {
	$this->email=$row['email'];
		}
	if ($this->role == "") {
	$this->role=$row['role']; 
		}
	if ($this->disabled == "") {
	$this->disabled=$row['disabled'];
		}
	}

//in order to add user, login, name, email, role and passwd must be specified. id must NOT be specified (to avoid user hijacking)
function adduser_validate() {
	$loc = new loc;
	$out="";	
	if ($this->login == "") {
	$out=$out."<br>".$loc->validation_adduser_login_miss; 
		}
	if ($this->name == "") {
	$out=$out."<br>".$loc->validation_adduser_name_miss; 
		}
	if ($this->email == "") {
	$out=$out."<br>".$loc->validation_adduser_email_miss; 
		}
	if ($this->role == "") {
	$out=$out."<br>".$loc->validation_adduser_role_miss; 
		}
	if ($this->disabled == "") {
	$out=$out."<br>".$loc->validation_adduser_disable_miss; 
		}
	if ($this->passwd == "") {
	$out=$out."<br>".$loc->validation_adduser_passwd_miss; 
		}
	if ($this->passwd != $this->passwd2) {
	$out=$out."<br>".$loc->validation_adduser_passwdmismatch_miss; 
		}					
	if ($this->id != "") {
	$out=$out."<br>".$loc->validation_adduser_abundantid; 
		}	
	$result=mysql_query("select * from users WHERE login='".$this->login."'");
	if ($result != "") {
	$row=mysql_fetch_array($result);
	if (isset($row['name'])) {
			$out=$out."<br>".$loc->validation_adduser_loginalreadyexist; 
			}
		}
	return $out;	
	}

function adduser() {
	$validation=$this->adduser_validate();
	if ($validation == "") {
		$this->created=time();
		$password = sha1($this->passwd);
		mysql_query("insert into users (login,name,email,role,passwd,created) values ('".mysql_real_escape_string($this->login)."','".mysql_real_escape_string($this->name)."','".mysql_real_escape_string($this->email)."','".mysql_real_escape_string($this->role)."','".mysql_real_escape_string($password)."',".mysql_real_escape_string($this->created).")");
		$query="select ID,users from tree";
		$result=mysql_query($query);
		while ($row=mysql_fetch_array($result)) {
			$query2="update tree set users='".$row['users'].",".$this->login."' WHERE id=".$row['ID']."";
			mysql_query($query2);	
			}
		}		
	}
	
function edituser_validate() {
	$loc = new loc;
	$out="";	
	if ($this->login == "") {
	$out=$out."<br>".$loc->validation_adduser_login_miss; 
		}
	if ($this->name == "") {
	$out=$out."<br>".$loc->validation_adduser_name_miss; 
		}
	if ($this->email == "") {
	$out=$out."<br>".$loc->validation_adduser_email_miss; 
		}
	if ($this->role == "") {
	$out=$out."<br>".$loc->validation_adduser_role_miss; 
		}
	if ($this->disabled == "") {
	$out=$out."<br>".$loc->validation_adduser_disable_miss; 
		}
	if ($this->passwd != $this->passwd2) {
	$out=$out."<br>".$loc->validation_adduser_passwdmismatch_miss; 
		}					
	if ($this->id == "") {
	$out=$out."<br>".$loc->validation_adduser_id_miss; 
		}	
	
	return $out;	
	}

function edituser() {
	$validation=$this->edituser_validate();
	if ($validation == "") {
		if ($this->passwd == "") {
			mysql_query("update users set login='".mysql_real_escape_string($this->login)."',name='".mysql_real_escape_string($this->name)."',email='".mysql_real_escape_string($this->email)."',role='".mysql_real_escape_string($this->role)."',disabled='".mysql_real_escape_string($this->disabled)."' WHERE id=".mysql_real_escape_string($this->id)."");
			
			}else{
			$password = sha1($this->passwd);
			mysql_query("update users set login='".mysql_real_escape_string($this->login)."',name='".mysql_real_escape_string($this->name)."',email='".mysql_real_escape_string($this->email)."',role='".mysql_real_escape_string($this->role)."',disabled='".mysql_real_escape_string($this->disabled)."',passwd='".$password."' WHERE id=".mysql_real_escape_string($this->id)."");
			//$res="update users set login='".$this->login."',name='".$this->name."',email='".$this->email."',role='".$this->role."',passwd='".$password."' WHERE id=".$this->id."";			
			//return "<br>".$res;
			}
		}	
	}
	
function edit_passwd($id,$passwd) {
	$loc = new loc;
	if ($passwd != "" AND $id != "") {
		$password = sha1($passwd);
		$query="update users set passwd = '".$password."' WHERE id = ".$id."";
		mysql_query($query);
		return $loc->password_changed; 
		}
	}

function getUserName($id) {
	$query="select name from users where id=".$id."";
	$result=mysql_query($query);
	$row=mysql_fetch_array($result);
	return $row['name'];
	//return $query;
}

}



?>
